LXC – error running non-shared postrotate script for /var/log/syslog of ‘/var/log/syslog’

I’ve got a Proxmox VE host running with a couple of LXC containers which used to run on Ubuntu 16.04. After I upgraded them to 18.04 I received a daily e-mail from every LXC container with the following error:

/etc/cron.daily/logrotate:
Failed to kill unit rsyslog.service: Input/output error
error: error running non-shared postrotate script for /var/log/syslog of '/var/log/syslog'
run-parts: /etc/cron.daily/logrotate exited with return code 1

I tried to fix it a couple times but never managed to find the real issue. Today I found the solution thanks to a German thread on the Proxmox forums.

The real error messageĀ  which causes logrotate to fail can be found by executing:

logrotate -v /etc/logrotate.d/rsyslog 

error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

According to our German friends there is a new version of rsyslog which fixes the issue. It can be installed with the following commands:

apt install software-properties-common
add-apt-repository ppa:adiscon/v8-stable
apt install -y rsyslog

For safety I reboot the LXC container to make sure the new version of the service is running.

There is a final note about a message appearing in /var/log/syslog every few seconds but I haven’t seen that happen.

Leave a Reply

Your email address will not be published. Required fields are marked *